The Top Data Breaches of 2016 (And What We Can Learn from Them)

Ever realize you were a little too quick to call something the “worst” or the “most”? Cyber security experts learned that lesson the hard way over the past couple of years. Quick to call 2014 the “Year of the Data Breach,” 2015 met or surpassed it, and as 2016 draws to an end, it seems to have been the worst of all. If you’ve got big data, you’ve likely had some kind of data breach within the past couple of years; potentially numerous ones.

It pays to note that the majority of data breaches actually never get reported. There aren’t yet good laws addressing all the nuances of when, how, where, and what organizations have to report when a data breach involving their big data occurs. Most businesses do the right thing and notify their customers if their confidential information is stolen, but few admit their systems were breached if there isn’t an immediate and pressing need to do so.

Without further ado, here are the worst of the worst data breaches as far as 2016 goes. We’ll be raising a toast that 2017 brings better cyber security tools and fewer data breaches to plague big data.

1. Yahoo!

September 2016 could have been when one of the largest data breaches ever was announced, but the breach actually went down in 2014. Yahoo! owned up to having had “at least” 500 million of their users’ accounts hacked. They believe that the act was state sponsored, meaning that the hack was conducted by an individual acting on behalf of some government. The information stolen probably included names, email addresses, phone numbers, birthdays, passwords, and perhaps even users’ security questions and answers.

2. US Department of Justice

In February 2016, hackers who were reportedly unhappy about the status of US relations with the state of Israel attempted to raise awareness of their issues by hacking the US Department of Justice’s database. The hack involved publicly releasing the personal information of some 10,000 employees of the Department of Homeland Security, and information on another 20,000 employees of the FBI the following day. Fortunately, it does not appear that the leaked data contained highly sensitive information, such as social security numbers.

3. The IRS

Also in February, news broke of a data breach at the Internal Revenue Service, which was another breach that went quite some time without being reported. This hack reportedly occurred in 2015, but in February of this year it became evident that the hack was significantly larger than originally thought. It was thought to have involved the theft of only 100,000 records containing the sensitive information of American taxpayers. The actual number was probably closer to 700,000 records. Hackers hacked into the IRS’s “Get Transcript” system to steal the records. The IRS blamed the attack on criminals in Russia.

Other smaller, but perhaps more public, data breaches involved big data at Snapchat, Premier Healthcare, Verizon, Dropbox, and a number of email providers.

Was your data put at risk? Follow us on Twitter for the latest information on big data and data breaches around the world.